Company Pays Former Employee $450k Ransom for Stolen Data
A phone insurance and tech support company based in Nashville, Tennessee has paid a former employee a hefty ransom after he stole private data from the company and effectively held it hostage.
It’s what’s known as a ransomware attack, whereby a third party hacker - or insider in the case of this former employee - will only hand the data back to an organisation is paid, usually in the form of a cryptocurrency, which is increasingly more difficult to track.
The case has come to light after new court records surfaced from an ongoing FBI investigation into the matter, with lead suspect Nicholas Burks, a former employee of Asurion that was fired from the company in March remaining uncharged by authorities.
According to reports, “the extortionist threatened to leak this information to newspapers and competing companies if he was not paid a $350,000 ransom in bitcoin within 24 hours.”
“To prove he wasn’t bluffing, the extortionist attached samples of the corporate documents, including social security numbers of some employees.”
Federal court records show that Burks successfully extorted USD $300,000 (AUD $448,000) from Asurion, claiming he was in possession of “sensitive data” which included thousands of employee emails, social security numbers, banking information as well as “over a million customers' names, addresses, phone numbers and account numbers.”
The company paid the ransom in instalments of $50,000 daily, in an attempt to stall the extortion attempt while the FBI underwent their investigation, according to court records.
A spokesperson for Asurion, Nicole Miller has told the public that the company is limited in the details it can divulge, as the case is subject to active criminal investigation by the FBI, however she did that the former employee’s access to the data was limited.
“At this point, there is no evidence to suggest that sensitive customer data has been compromised,” she said. “Based on our review, the person had limited information regarding a small number of employees, as well as general company information. We are supporting our employees through identity theft protection services.”
According to The Tennessean, “the Asurion breach was revealed late last week by an FBI search warrant application that was publicly filed in federal court.”
“According to the warrant application, the extortion scheme began when seven Asurion executives received an anonymous email threatening to release corporate information. In addition to the employee and customer info, the extortionist claimed to have obtained thousands of recorded phone calls, financial documents, customer service documents and training materials.”
As of publishing, Burks remains uncharged by authorities for extortion, but the FBI is yet to complete its investigation into the matter.